Access Token Leak Exposes Open VSX to Supply Chain Attack

 

The Open VSX registry rotated access tokens after developers accidentally leaked them in public repositories; the leaked tokens allowed threat actors to publish malicious extensions as part of a supply chain attack.

Two weeks ago, Wiz researchers first discovered the leak and then reported over 550 exposed secrets across Microsoft VSCode and Open VSX marketplaces.

Some of those secrets could provide access to projects with 150,000 downloads, giving attackers the opportunity to upload malicious versions of extensions and create a serious supply-chain risk.

Developed under the Eclipse Foundation, Open VSX serves as an open-source alternative to Microsoft’s Visual Studio Marketplace, a platform that offers extensions for the VSCode IDE.

Additionally, Open VSX acts as a community-driven registry for VS Code–compatible extensions used by AI-powered forks that cannot rely on Microsoft’s platform, such as Cursor and Windsurf.

A few days later, attackers used some of the leaked tokens in a malware campaign dubbed ‘GlassWorm’.

GlassWorm

Koi Security researchers reported that GlassWorm deployed self-spreading malware hidden within invisible Unicode characters. The malware attempted to steal developer credentials and trigger cascading breaches across reachable projects.

Moreover, these attacks targeted cryptocurrency wallet data from 49 extensions, suggesting that the attackers sought financial gain.

The Open VSX team and the Eclipse Foundation published a blog post about the campaign and the leaked tokens, clarifying that GlassWorm did not self-replicate, although it did target developer credentials.

“The malware in question was designed to steal developer credentials, which could then be used to extend the attacker’s reach, but it did not autonomously propagate through systems or user machines,” said the Open VSX team.

“We also believe that the reported download count of 35,800 overstates the actual number of affected users, as it includes inflated downloads generated by bots and visibility-boosting tactics used by the threat actors.”

Despite these clarifications, the Open VSX team acted quickly to contain the threat. By October 21, they removed all malicious extensions from the registry and rotated or revoked the associated tokens.

The organization has now confirmed full containment of the incident, with no ongoing impact. Moving forward, they plan to implement additional security measures to prevent similar attacks.

They outlined the following improvements:

  • Shorten token lifetimes to reduce exposure impact.
  • Introduce faster revocation workflows for leaked credentials.
  • Perform automated security scans for extensions during publication.
  • Collaborate with VS Code and other marketplaces to share threat intelligence.

BleepingComputer contacted the Eclipse Foundation to ask how many tokens they had rotated in total, but the team did not immediately provide a statement.

Meanwhile, Aikido reported that the same threat actors behind GlassWorm have shifted their focus to GitHub, where they employ the same Unicode steganography trick to conceal their malicious payloads.

The researchers found that the operation has already spread to multiple repositories, most of which focus on JavaScript projects.

This pivot to GitHub demonstrates that the threat remains active, as attackers quickly adapt and move across open-source ecosystems after exposure.

 


Source: BleepingComputer
